Maybe millions of potential eyes, but all of them are looking at other things! Heartbleed existed for two years before being noticed, and OpenSSL must have enormously more scrutiny than small projects like xz.
I am very pro open source and this investigation would’ve been virtually impossible on Windows or Mac, but the many-eyes argument always struck me as more theoretical/optimistic than realistic.
=> More informations about this toot | View the thread | More toots from Deebster@programming.dev
=> View possiblylinux127@lemmy.zip profile
text/geminiThis content has been proxied by September (ba2dc).